Latest CVE Feed
-
7.5
HIGHCVE-2002-0608
Buffer overflow in Matu FTP client 1.74 allows remote FTP servers to execute arbitrary code via a long "220" banner.... Read more
Affected Products : matu_ftp- EPSS Score: %3.81
- Published: Jun. 18, 2002
- Modified: Apr. 03, 2025
-
7.5
HIGHCVE-2002-0589
PVote before 1.9 allows remote attackers to change the administrative password and gain privileges by directly calling ch_info.php with the newpass and confirm parameters both set to the new password.... Read more
Affected Products : pvote- EPSS Score: %6.41
- Published: Jun. 18, 2002
- Modified: Apr. 03, 2025
-
5.0
MEDIUMCVE-2002-0604
Snapgear Lite+ firewall 1.5.3 and 1.5.4 allows remote attackers to cause a denial of service (crash) via a large number of packets with malformed IP options.... Read more
Affected Products : snapgear_lite\+_firewall- EPSS Score: %0.91
- Published: Jun. 18, 2002
- Modified: Apr. 03, 2025
-
7.5
HIGHCVE-2002-0388
Cross-site scripting vulnerabilities in Mailman before 2.0.11 allow remote attackers to execute script via (1) the admin login page, or (2) the Pipermail index summaries.... Read more
Affected Products : mailman- EPSS Score: %3.15
- Published: Jun. 18, 2002
- Modified: Apr. 03, 2025
-
5.0
MEDIUMCVE-2002-0404
Vulnerability in GIOP dissector in Ethereal before 0.9.3 allows remote attackers to cause a denial of service (memory consumption).... Read more
Affected Products : ethereal- EPSS Score: %1.82
- Published: Jun. 18, 2002
- Modified: Apr. 03, 2025
-
5.0
MEDIUMCVE-2002-0400
ISC BIND 9 before 9.2.1 allows remote attackers to cause a denial of service (shutdown) via a malformed DNS packet that triggers an error condition that is not properly handled when the rdataset parameter to the dns_message_findtype() function in message.... Read more
Affected Products : bind- EPSS Score: %27.73
- Published: Jun. 18, 2002
- Modified: Apr. 03, 2025
-
5.0
MEDIUMCVE-2002-0403
DNS dissector in Ethereal before 0.9.3 allows remote attackers to cause a denial of service (CPU consumption) via a malformed packet that causes Ethereal to enter an infinite loop.... Read more
Affected Products : ethereal- EPSS Score: %1.82
- Published: Jun. 18, 2002
- Modified: Apr. 03, 2025
-
7.5
HIGHCVE-2002-0607
members.asp in Snitz Forums 2000 version 3.3.03 and earlier allows remote attackers to execute arbitrary code via a SQL injection attack on the parameters (1) M_NAME, (2) UserName, (3) FirstName, (4) LastName, or (5) INITIAL.... Read more
Affected Products : snitz_forums_2000- EPSS Score: %1.74
- Published: Jun. 18, 2002
- Modified: Apr. 03, 2025
-
7.5
HIGHCVE-2002-0581
WorkforceROI Xpede 4.1 allows remote attackers to execute arbitrary SQL commands and read, modify, or steal credentials from the database via the Qry parameter in the sprc.asp script.... Read more
Affected Products : xpede- EPSS Score: %1.65
- Published: Jun. 18, 2002
- Modified: Apr. 03, 2025
-
7.5
HIGHCVE-2002-0600
Heap overflow in the KTH Kerberos 4 FTP client 4-1.1.1 allows remote malicious servers to execute arbitrary code on the client via a long response to a passive (PASV) mode request.... Read more
- EPSS Score: %1.67
- Published: Jun. 18, 2002
- Modified: Apr. 03, 2025
-
5.0
MEDIUMCVE-2002-0596
WebTrends Reporting Center 4.0d allows remote attackers to determine the real path of the web server via a GET request to get_od_toc.pl with an empty Profile parameter, which leaks the pathname in an error message.... Read more
Affected Products : reporting_center- EPSS Score: %0.71
- Published: Jun. 18, 2002
- Modified: Apr. 03, 2025
-
7.5
HIGHCVE-2002-0595
Buffer overflow in WTRS_UI.EXE (WTX_REMOTE.DLL) for WebTrends Reporting Center 4.0d allows remote attackers to execute arbitrary code via a long HTTP GET request to the /reports/ directory.... Read more
Affected Products : reporting_center- EPSS Score: %5.39
- Published: Jun. 18, 2002
- Modified: Apr. 03, 2025
-
5.0
MEDIUMCVE-2002-0582
WorkforceROI Xpede 4.1 stores temporary expense claim reports in a world-readable and indexable /reports/temp directory, which allows remote attackers to read the reports by accessing the directory.... Read more
Affected Products : xpede- EPSS Score: %1.17
- Published: Jun. 18, 2002
- Modified: Apr. 03, 2025
-
2.1
LOWCVE-2002-0042
Vulnerability in the XFS file system for SGI IRIX before 6.5.12 allows local users to cause a denial of service (hang) by creating a file that is not properly processed by XFS.... Read more
Affected Products : irix- EPSS Score: %0.14
- Published: Jun. 18, 2002
- Modified: Apr. 03, 2025
-
7.5
HIGHCVE-2002-0610
Vulnerability in FTPSRVR in HP MPE/iX 6.0 through 7.0 does not properly validate certain FTP commands, which allows attackers to gain privileges.... Read more
Affected Products : mpe_ix- EPSS Score: %2.65
- Published: Jun. 18, 2002
- Modified: Apr. 03, 2025
-
5.0
MEDIUMCVE-2002-0583
WorkforceROI Xpede 4.1 uses a small random namespace (5 alphanumeric characters) for temporary expense claim reports in the /reports/temp directory, which allows remote attackers to read the reports via a brute force attack.... Read more
Affected Products : xpede- EPSS Score: %1.17
- Published: Jun. 18, 2002
- Modified: Apr. 03, 2025
-
2.1
LOWCVE-2002-0294
Alcatel 4400 installs the /chetc/shutdown command with setgid privileges, which allows many different local users to shut down the system.... Read more
Affected Products : omnipcx- EPSS Score: %0.08
- Published: May. 31, 2002
- Modified: Apr. 03, 2025
-
5.0
MEDIUMCVE-2002-0275
Falcon web server 2.0.0.1020 and earlier allows remote attackers to bypass authentication and read restricted files via an extra / (slash) in the requested URL.... Read more
Affected Products : falcon_web_server- EPSS Score: %0.53
- Published: May. 31, 2002
- Modified: Apr. 03, 2025
-
7.5
HIGHCVE-2002-0285
Outlook Express 5.5 and 6.0 on Windows treats a carriage return ("CR") in a message header as if it were a valid carriage return/line feed combination (CR/LF), which could allow remote attackers to bypass virus protection and or other filtering mechanisms... Read more
Affected Products : outlook_express- EPSS Score: %6.99
- Published: May. 31, 2002
- Modified: Apr. 03, 2025
-
4.6
MEDIUMCVE-2002-0295
Alcatel OmniPCX 4400 installs files with world-writable permissions, which allows local users to reconfigure the system and possibly gain privileges.... Read more
Affected Products : omnipcx- EPSS Score: %0.06
- Published: May. 31, 2002
- Modified: Apr. 03, 2025